# Copyright (c) 2023 Zoraiz Mahmood, James Snewin, Felipe Tavares, and Peter Robinson
# SPDX-License-Identifier: MIT
#from dotenv import load_dotenv
import os
import sys

import openai
#load_dotenv("./py.env")
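# Script: send a flattened Solidity file to the OpenAI completions endpoint
# and print the model's issue table.
#
# Security notes for anyone wiring this into CI:
#   * The contract source is sent verbatim to a third-party API, which matters
#     for unreleased or confidential code.
#   * The source is untrusted input to the model. Comments or string literals
#     inside the contract can steer the answer (prompt injection), and a ```
#     sequence in the source closes the prompt's code fence early. Treat the
#     printed table as a triage aid, never as an audit result or a merge gate.

# Configure the OpenAI client from the environment; the key is never hard-coded.
openai.api_key = os.getenv("OPENAI_API_KEY")
if not openai.api_key:
    # Fail before any file is read or any request is attempted, with a message
    # that names the missing variable (the key value itself is never printed).
    raise SystemExit("OPENAI_API_KEY is not set; cannot call the OpenAI API.")

# Find Solidity files in the repository.
# Only the flattened contract is reviewed; the directory walk is kept for reference.
solidity_files = []
solidity_files.append(os.path.join(".", "flat.sol"))
# for root, _, files in os.walk("./src"):
#     for file in files:
#         if file.endswith(".sol"):
#             solidity_files.append(os.path.join(root, file))

# Review each Solidity file using the completions API.
for file in solidity_files:
    print(f"Reviewing {file}")
    # Explicit encoding so the bytes sent to the model do not depend on the
    # platform's locale default.
    with open(file, "r", encoding="utf-8") as f:
        code = f.read()

    # Prepare the prompt. The wording is kept byte-for-byte because changing it
    # changes the model output.
    # NOTE(review): the prompt contains typos ("off all", "Be in the issue
    # descriptions", and 'serverity', which does not match the 'severity'
    # column it describes). Fix them deliberately and re-baseline the output.
    prompt = f"Provide an exhaustive list off all issues and vulnerabilities inside the following smart contract. Be in the issue descriptions and describe the actors involved. Include one exploit scenario in each vulnerability. Output as a valid markdown table with a list of objects that each have 'description' 'action' 'severity' 'actors' 'scenario' and 'type' columns. 'type' can be 'usability', 'vulnerability', 'optimization', or 'suggestion'. 'actors' is a list of the involved actors. 'serverity' can be 'low + ice block emoji', 'medium' or 'high + fire emoji'. Ensure that all fields of the table are filled out.\n\n```\n{code}\n```\n\n"

    # Call the completions API.
    # NOTE(review): openai.Completion is the pre-1.0 SDK interface and
    # text-davinci-003 is a legacy model; confirm both are still available
    # for the pinned SDK version and account.
    # NOTE(review): prompt tokens plus max_tokens must fit the model's context
    # window, so a large flattened contract may be rejected by the API.
    # NOTE(review): the stop sequences end generation at the first "#" or ";"
    # in the output, which can silently shorten the table. Confirm that this
    # is intended.
    response = openai.Completion.create(
        model="text-davinci-003",
        prompt=prompt,
        temperature=0,  # deterministic sampling so reruns are comparable
        max_tokens=3000,
        top_p=1.0,
        frequency_penalty=0.0,
        presence_penalty=0.0,
        stop=["#", ";"],
    )

    choice = response.choices[0]
    # A review that hit the token limit looks complete but is not. Say so on
    # stderr so stdout (the review itself) stays unchanged for consumers.
    if choice.finish_reason == "length":
        print(
            f"WARNING: review for {file} was truncated at max_tokens; "
            "the list of findings is incomplete.",
            file=sys.stderr,
        )

    # Print the response.
    print(f"Review for {file}: \n{choice.text.strip()}")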